Carnegie Mellon University Website Home Page
 
Skip navigation and jump directly to page content
Documentation Index
Accounts
Project Volumes
Overview
Using Your Project Volume
Setting Access Rights
Accounts
Network, Phone & TV
Software
Email & Calendar
Secure Your Computer
Clusters & Printing
Web Services
Classroom & Event Support
Education & Outreach
Support & Repair
Information Security Office (ISO)

Setting Access Rights

Your ability to read, add, delete and modify the files in your project volume is determined by your access rights to that directory.

  • By default, you have full administrative rights to your project volume. This means that you may read, add, delete and modify your files. As administrator, you may also give or take away any set of rights to any user.
  • By default, system:anyuser has the ability to read your files. The group system:anyuser is defined as anyone with an Andrew userID.

You may give or remove access to your project volume by changing the access rights of any user or group of users. To do this, you must launch a telnet session and enter a few simple UNIX commands.

Note: We recommend using the following telnet clients:

Follow these steps to view or set access rights on your project volume:

  1. Launch a telnet client.
  2. You need to connect to the host unix.andrew.cmu.edu.
  3. Use the cd (change directory) command to change to your Project Volume directory, then press Enter. For example, to change into a Project Volume directory called /afs/andrew/course/76/271-Summer/juser, enter the following at the command prompt, then press Enter:

    cd /afs/andrew/course/76/271-Summer/juser

    Note: Be sure to include a space after the "cd" command. Also remember that UNIX commands are case sensitive; there IS a distinction between upper and lower case letters. If you need help with entering UNIX commands, refer to the Commonly Used UNIX Commands section of the Using UNIX and the Andrew System document.
  4. You are now in your project volume directory. To display the current access rights, enter the following at the command prompt, then press Enter:

    fs la
  5. The access rights of the current directory are displayed. For example, the default rights displayed on a project volume owned by "juser" might appear as follows:

    % fs la
    Access list for . is
    Normal rights:
    system:anyuser rl
    juser rlidwka

    Note: For a list of access rights and definitions, refer to the Types of Rights section of the Using PTS Groups and Setting Protections in Andrew document.
  6. Use the fs sa command to set new access rights. For example, to give "read" access rights to user "ju33" for the directory "/afs/andrew.cmu.edu/course/76/271-Summer/juser", enter the following at the command prompt, then press Enter:

    fs sa /afs/andrew.cmu.edu/course/76/271-Summer/juser ju33 rl

    Note: Be sure to include spaces between each part of the command line.
  7. To review the access rights that you just set, type fs la at a command prompt. The updated access rights appear. Notice that ju33 now has read (rl) rights.

    %fs la
    Access list for . is
    Normal rights:
    system:anyuser rl
    ju33 rl
    juser rlidwka
  8. Use the fs sa command to change access rights. For example, to give userid ju33 additional rights to write, enter the following then press Enter:

    fs sa /afs/andrew.cmu.edu/course/76/271-Summer/juser ju33 rlidwk

    Note: Access rights are not cumulative. In other words, the rlidwk rights set in the step above have replaced the previous rl rights set in the previous step.
  9. To remove all access rights from ju33, enter the following, then press Enter:

    fs sa /afs/andrew.cmu.edu/course/76/271-Summer/juser ju33 none
  10. To exit UNIX, type logout, then press Enter. Select File > Exit.
Last Updated: 06/06/06